allow surfaceflinger self:process execmem; | |
# Read GCE initial metadata file | |
allow surfaceflinger initial_metadata_file:file r_file_perms; | |
# Interact with the userspace framebuffer | |
# TODO(b/64158954): Remove/update these rules once gralloc impl changes | |
allow surfaceflinger fb_ctl_file:file rw_file_perms; | |
allow surfaceflinger userspace_fb_file:file rw_file_perms; |